Configure the SAML Assertions to be moderated to Cyren for identifying the user, which includes the group membership, department and full name parameters.
To add a claim rule
- In the AD FS 2.0 Management window, open the Trust Relationships > Relying Party Trusts folder.
- Right-click the relying party trust that you created Cyren SSO, and select Edit Claim Rules...
- When the Edit Claim Rules window appears, click Add Rule.
- In the Add Transform Claim RuleWizard window, select Choose Rule Type, and then select Send LDAP Attributes as Claims, and click Next.
- The Configure Rule window is displayed.
- Select Configure Claim Rule.
- In the Claim rule name, type in a name for the claim rule - CyrenSSO Claims.
- From the Attribute Store menu, select Active Directory.
- Map the LDAP attributes that represent the user login name and email to fields in the Outgoing Claim Type:
- Map the LDAP Attribute for E-Mail-Addresses for login name to an outgoing claim type E-Mail Address.
- Map the User-Principal-Name attribute for User-Principal-Name for login name to an outgoing claim type UPN.